Short Code FAQ  >  What Is a Short Code Audit?

What Is a Short Code Audit?

When an SMS short code is provisioned by the wireless carriers, it's done so with the expectations that the owner of the short code will follow the rules for short codes set out in the CTIA Short Code Monitoring Handbook. While the majority of short code owners do follow the rules, it's still essential for the CTIA to do in-marketing monitoring of short codes, to ensure everyone's compliance.

A CTIA short code audit is triggered when a live short code program fails to meet the standards set out in the CTIA Short Code Monitoring Handbook. To find short codes that are not meeting the standards set out in the CTIA Short Code Monitoring Handbook, the CTIA employs a sophisticated in-market monitoring tool, which will review short code campaigns that are being advertised to the public.

CTIA issues compliance audits weekly for standard rate short codes leased with the Common Short Code Administration. CTIA audits are published at 2:00 AM EST every Tuesday, with audits covering issues with short code campaigns during the previous week.

CTIA distributes Audit Notices each week. Each CTIA short code audit will will include the following...

  • Description of CTIA short code violation
  • Unique Audit Number
  • SMS Short Code
  • SMS Service Provider
  • SMS Aggregator (full list here)
  • CTIA Audit Notice Date
  • CTIA Audit Cure Date

CTIA short code audits are made available to all U.S. wireless carriers that support short code messaging.

Warning: The CTIA does not monitor TCPA compliance for short codes. This is the short code owner's responsibility.

CTIA Short Code Audit Severity Levels

All CTIA short code audits are designated different severity levels, based on how harmful the issue is to the consumer. The severity of the CTIA short code audit will determine how fast the CTIA and the wireless carriers require you to fix the issue, before they pursue more further options.

The different severity levels are listed below, with Severity 0 being reserved for the most extreme CTIA short code violations.

 

    Definition  Cure Date  Penalties
Severity 0 Extreme consumer harm Immediate CTIA: Immediate registry suspension harm

Carriers: Vary by case; immediate suspension or termination possible

Severity 1 Serious consumer 5 business days CTIA: Unresolved audits; possible registry harm suspension

Carriers: Vary by case

Severity 2 Moderate Consumer Harm 5 business days CTIA: Vary by case consumer harm

Carriers: Vary by case

Based on the above severity chart, it's interesting to note that the vast majority of short code audits (80+%) result in a pass, and Severity 0 failures are rare. You can view the charts below to get a better understanding of the failure rates for each severity in short code audits, both in their advertising of the campaign, and the actual messaging of the campaign.

SMS Short Code Audit Violations

CTIA Short Code Violation Examples

When a short code fails a CTIA audit, it's either because of the way the campaign is being advertised to consumers, or because of the consumer experience with the messaging flow. As you can see below, the vast majority of short code audits that have to deal with the way the campaign is being advertised is being caused by no mention that "message & data rates may apply, followed by no clear indication of a privacy policy, and no link to a  comprehensive terms & conditions.

SMS Short Code Audit Violations - Advertising

When failures occur with the messaging flow of the campaign, the top violations are not including customer care contact information in messages, again missing "message & data rates may apply", and disclosing to the consumer in the messaging flow that they're opting in for recurring messages. You can see this in the chart below.

SMS Short Code Audit Violations - Messaging

 

CTIA Short Code Audit Communications

Have you received a CTIA short code audit? Don't worry, the CTIA Compliance Care Team is here to help you! If you have a question about a CTIA audit, or need help, please lease a comment on the short code audit notice, or email us.support@wmcglobal.com. The CTIA Compliance Care Team (Care Team) responds promptly to all messages regarding short code compliance. The CTIA Compliance Care Team is here to assist you as much as possible with understanding how to resolve short code violations and close CTIA short code audits.

CTIA Short Code Audit Retests

It's your responsibility as a short code owner to communicate to the CTIA Compliance Care Team after receiving a short code audit that the issue has been resolved.

If the CTIA Compliance Care Team does not hear back in response to a short code audit, or if the short code owner doesn't resolve the issue that triggered the audit notice, the short code is subject to further action by either the CTIA or the wireless carriers.

TV & Print Exceptions

The CTIA and the wireless carriers understand that it may not be possible to address an issue if the issue is caused by television or printed material. In these cases, short code owners may submit a short code retest request for a date further out than the required cure date. For a retest request for a violation caused by a television or print advertisement, a short code owner will have to give a clear explanation of the changes to be implemented on the next round of advertisements.

CTIA short code audits that are awaiting a retest due to a television or print advertisement, will be categorized as "Pending Retest".

 

CTIA Short Code Audit Appeals

If you believe that a CTIA short code audit is not valid, you may challenge the audit by emailing the CTIA Compliance Care Team at us.support@wmcglobal.com. The challenge must be received before the cure date on the short code audit notice, and must include an explaination of why you think the short code audit is incorrect.

 

Reporting CTIA Short Code Violations

Have you found a short code that is violating any of the rules in the CTIA Short Code Monitoring Handbook? If so, please report violations to the CTIA Compliance Care Team at us.support@wmcglobal.com. When reporting a short code violation, please include the following information.

  • Location of the call-to-action
  • SMS short code number

If the CTIA decides to take action against a short code owner for a violation, the person's information that reported the violation will be kept confidential.

Only Creative Commons
Title
Caption
File name
Size
Alignment
Link to
  Open new windows
  Rel nofollow